NATO Policy on Cyber Defence, 2011

Share

Strategy

NATO released its Policy on Cyber Defence on June 8, 2011. The document's introduction states,

"The security environment of the twenty-first century has changed remarkably. Our modern societies and economies are wired together by networks, cables and the IP addresses of our computers. Increasingly dependent on complex critical communication and information systems (CIS), the Alliance must adapt and enhance its defences in order to confront emerging challenges head-on. To this end, the revised NATO Policy on Cyber Defence sets out a clear vision of how the Alliance plans to bolster its cyber efforts.

The 2010 NATO Strategic Concept highlighted the need to "develop further our ability to prevent, detect, defend against and recover from cyber-attacks…". Threats are rapidly evolving both in frequency and sophistication. Threats emanating from cyberspace – whether from states, hacktivists or criminal organisations, among many others – pose a considerable challenge to the Alliance and must be dealt with as a matter of urgency.

Against this background, at the 2010 Lisbon Summit, the Heads of State tasked the North Atlantic Council to develop a revised NATO cyber defence policy. A NATO Concept on Cyber Defence was first drafted for Defence Ministers in March 2011, which formed the conceptual basis of the revised NATO Policy on Cyber Defence. The Policy itself was then developed and approved by the NATO Defence Ministers on 8 June. The document is coupled with an implementation tool – an Action Plan, which represents a detailed document with specific tasks and activities for NATO's own structures and Allies' defence forces."